Q&A: Tim Mackey

Written by

Tim Mackey is a security strategist who applies his skills in distributed systems engineering, mission critical engineering, performance monitoring and large-scale data center operations to solve customer problems. He takes the lessons learned from those activities and delivers talks globally at well-known events. When not working, Tim loves spending time with his Fortnite-, football- and BattleBot-mad son. Plus, a little chess challenge here and there doesnt hurt either!

How did you get into the information security industry?

It was an accident really. I spent my early career working on mission critical engineering projects. That taught me to think about the edge cases which enabled me to make the leap from saying “‘it’s a bug” to “it’s a security issue.” This mindset served me well when I joined the cross-functional product security virtual team at Citrix following an acquisition. The rest, as they say, is history. I moved into the world of virtualization, cloud and containers where the scale of security issues are always increasing.

What’s the best thing about your job, and what’s the worst thing?

By far the best thing about this job is being able to meet fellow security practitioners at global events. We all have our areas of focus, and perspectives, but being able to share those perspectives can be the proverbial ‘lightbulb’ moment for someone who is solving a problem. The worst part is dealing with an incident. Thankfully, I’ve been lucky and not had to deal with many, but they are challenging. To put it into perspective, as members of the public, pretty much everyone has received some notification of a data breach. What most people don’t realize is the amount of work that goes on behind such a report, and how many comparably minor versions of such incidents occur each year.

What’s your proudest career achievement?

I love mentoring and creating teams, and have had the good fortune to do both multiple times over the years. Often the best thing I can do is identify the right people, unleash them on a problem and watch the magic happen. This is why I value collaboration so much – innovation isn’t a straight line, it’s a series of zigs, zags and failures, with lessons learned along the way. Successful teams and outcomes are often more a function of sharing ideas than using brute force.

What would you do if you did not work in information security?

Those who know me best would likely say I would either be a ‘mad scientist’ or a travel blogger. I’m a fairly creative guy and quite willing to roll my sleeves up to figure out how things work. If in that effort I solve an interesting problem, there’s a reasonable chance I’ll try and make that solution into ‘something.’ As for becoming a travel blogger, I’ve had the good fortune of seeing far more of the world than most will and sharing my experiences probably taps into the same collaborative mindset I use elsewhere.

What’s hot on Infosecurity Magazine?